Re: How does termination work?

‎08-14-201109:31 PM

Termination moves the significance of the server certificate from the radius server to the controller. The controller has a built-in certificate, so if you enable termination, that means your radius server does not require a server certificate. Turning on termination also offloads the cpu-intensive process of the certificate process from the radius server to the controller, which allows you to authenticate more 802.1x users at a time.

EAP offload has a drawback if you use a Microsoft IAS or NPS radius server, machine authentication does not work. You do not have this issue with Cisco ACS, Juniper Odyssey or Freeradius servers.

******************Answers and views expressed by me on this forum are my own and not necessarily the position of Aruba Networks or Hewlett Packard Enterprise.******************